I don't believe the order in "ssl_protocols" has any relevance. The client and server should negotiate/choose the highest mutually supported protocol version.
Yes, as I wrote in one of the three other threads about this co-ordinated release, the Right Thing isn't a list but a minimum version setting, and if you really want it, maybe a maximum.
Programs like web servers that expose a list here are doing that because the libraries they use did that, not because it makes any sense to configure it this way.
Of course the real fix is to change libraries to offer an appropriate API but handling the distance between what a pre-existing library does out off the box and what users want/need is the whole point of application software.
As other wrote, this might cause problems when TLS 1.3 contains a major vulnerability TLS 1.4 fixes.
In my opinion, the `ssl_protocols` config should accept a string like "TLSv1.2+ -TLSv1.3", basically stating a minimum version, allowing exclusions and including anything newer. In the same spirit, one should be able to do "TLSv1.0-TLSv1.2" for setting a maximum, with specific exclusions if a new TLS version ever becomes a problem.
Since TLS 1.3, version selection is more similar to cipher selection. See https://tools.ietf.org/html/rfc8446#section-4.2.1 : "The extension contains a list of supported versions in preference order, with the most preferred version first."
So then I don't understand the parent comment. It sounds like if you want TLS v1.2 support, you don't have to do anything special in configuring nginx.
Current defaults are `TLSv1 TLSv1.1 TLSv1.2`. The logic in stating `TLSv1.2` or `TLSv1.3 TLSv1.2` is that you're excluding TLSv1 or TLSv1.1 rather than explicitly including TLSv1.2.
If you want Nginx to use TLS v1.2, this is what you need:
…and if you compile a recent Nginx from source and bake in OpenSSL 1.1.1 while you do that, you can have TLS v1.3 with a TLS v1.2 fallback, too: See also:https://caniuse.com/#feat=tls1-2
https://caniuse.com/#feat=tls1-3